Forcepoint Identifies Trickbot Variant

A new variant of banking trojan was discovered and reported on by cybersecurity firm Forcepoint on August 29 of this year. Although Trickbot has been primarily developed to target bank accounts, a new variant has now been shown to target cryptocurrency wallets. The cybersecurity firm has also pointed out that they have captured, “8600 related emails…with the UK, Canada, and France as the top three targets.”

Following the analysis of said 8600 emails, Forcepoint noted an addition to their list of targets: Coinbase.com. The currency exchange site that operates exchanges between Bitcoin, Litecoin, and Ethereum to name a few, is now a principal objective for the malware.

Advertisement

advertisement

Earlier in June, Trickbot moved from traditional banks to targeting PayPal accounts and business CRMs (Customer Relationship Management). Now with Bitcoin’s price holding close to $4500, it comes as no surprise that cryptocurrency wallets are becoming a more valuable target.

Spotting Trickbot

Trickbot identifies itself in user’s inbox as a secure message from the Canadian Imperial Bank of Commerce (CIBC). An attached document is included in the mail, in which is also contained a macro downloader that downloads and enables the Trickbot malware.

As mentioned above, the malware targets traditional banking information, but also Paypal accounts and most recently cryptocurrency wallets.

Growth of Cryptocurrency Malware

It is becoming more and more common for cryptocurrency wallets to become targets of malware tampering. On June 16, 2011, Mikko Hypponen tweeted out, “We’ve just seen the first trojan that searches for Bitcoin WALLET.DAT files and mails them away. Ouch.” A link to a notice by Symantec also outlined exactly what the June 16 threat entailed.

In 2017, not only does the threat not seem to be neutralized, it appears to be adapting to the rising popularity and value of cryptocurrencies.

DISCLAIMER: BTCManager.com is not a financial project and does not provide any investment services or represent anyone's interests other than its own. For basic information on this website we put our own knowledge about online payment methods, practical skills and years of experience. BTCManager website is offered to wide range of readers as a daily digest that focuses on issues and modern solutions in the practical application the main cryptocurrency and its derivatives. Among our main objectives is to popularize the use of cryptocurrency, explanation what cryptocurrencies are and how they play the role of payment instrument and means for safe storing and earnings, as well as providing the necessary knowledge, educational articles, information about upcoming events and conferences dedicated to the development of cryptocurrency. BTC Manager is not responsible for any results of your using the information from our website. BTCManager.com is not responsible for the content of external sites.